Novell Netware Client code execution

Invalid pointer dereference on named pipe message parsing...

ZDI-09-016: Novell Client/NetIdentity Agent Remote Arbitrary Pointer Dereference Code Execution Vulnerability

ZDI-09-016: Novell Client/NetIdentity Agent Remote Arbitrary Pointer Dereference Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-016 April 6, 2009 -- Affected Vendors: Novell -- Affected Products: Novell Netware -- Vulnerability Details: This vulnerability allows...

Novell Client/NetIdentity Agent Remote Arbitrary Pointer Dereference Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware. A valid IPC$ connection must be established in order to exploit this vulnerability. The specific flaw exists within xtagent.exe during the handling of RPC messages over the...

Novell Netstorage Multiple Vulnerabilities

Novell Netstorage Multiple Vulnerabilities - Description "Novell NetStorage acts as a bridge between a company's protected Novell network and the Internet, providing protected file access from any Internet location. Files and folders on a Novell NetWare® 6.5 server or Novell Open Enterprise...

Novell Netstorage XSS / Denial Of Service

Novell Netstorage Multiple Vulnerabilities - Description "Novell NetStorage acts as a bridge between a company's protected Novell network and the Internet, providing protected file access from any Internet location. Files and folders on a Novell NetWare® 6.5 server or Novell Open Enterprise...

Novell NetStorage 2.0.1/3.1.5 - Multiple Remote Vulnerabilities

source: https://www.securityfocus.com/bid/34267/info Novell NetStorage is prone to the following remote vulnerabilities: - An information-disclosure vulnerability - A cross-site scripting vulnerability - A denial-of-service vulnerability Attackers can exploit these issues to obtain sensitive...

Novell Netware GWIA buffer overflow

Off-by-one on oversized SMTP RCPT TO: command...

ZDI-09-010: Novell Netware Groupwise GWIA RCPT Command Buffer Overflow Vulnerability

ZDI-09-010: Novell Netware Groupwise GWIA RCPT Command Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-010 February 2, 2009 -- Affected Vendors: Novell -- Affected Products: Novell Netware -- TippingPointTM IPS Customer Protection: TippingPoint IPS customers have...

Novell Netware Groupwise GWIA RCPT Command Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware Groupwise SMTP daemon. Authentication is not required to exploit this vulnerability. The specific flaw exists during the parsing of malformed RCPT verb arguments to the SMTP daemon...

Novell Netware 6.5 - 'ICEbrowser' Remote System Denial of Service

!/usr/bin/perl novellnwibsysdos.pl Novell Netware 6.5 ICEbrowser Remote System Denial of Service Exploit Jeremy Brown [email protected]/jbrownsec.blogspot.com "Mozilla/5.0 NetWare; U; NetWare 6.50.06; en-US ICEbrowser/6.1.2 NovellViewPort/3.7.2" After target views exploit page, the browser wil...

Novell Netware 6.5 (ICEbrowser) Remote System DoS Exploit

Exploit for unknown platform in category dos / poc ========================================================= Novell Netware 6.5 ICEbrowser Remote System DoS Exploit ========================================================= !/usr/bin/perl novellnwibsysdos.pl Novell Netware 6.5 ICEbrowser Remote...

Novell Netware 6.5 Denial Of Service

!/usr/bin/perl novellnwibsysdos.pl Novell Netware 6.5 ICEbrowser Remote System Denial of Service Exploit Jeremy Brown [email protected]/jbrownsec.blogspot.com "Mozilla/5.0 NetWare; U; NetWare 6.50.06; en-US ICEbrowser/6.1.2 NovellViewPort/3.7.2" After target views exploit page, the browser wil...

Novell Netware 6.5 - ICEbrowser Remote System Denial of Service

Novell Netware 6.5 - ICEbrowser Remote System Denial of Service !/usr/bin/perl novellnwibsysdos.pl Novell Netware 6.5 ICEbrowser Remote System Denial of Service Exploit Jeremy Brown [email protected]/jbrownsec.blogspot.com "Mozilla/5.0 NetWare; U; NetWare 6.50.06; en-US ICEbrowser/6.1.2...

Novell Netware 6.5 (ICEbrowser) Remote System DoS Exploit

No description provided by source. !/usr/bin/perl novellnwibsysdos.pl Novell Netware 6.5 ICEbrowser Remote System Denial of Service Exploit Jeremy Brown [email protected]/jbrownsec.blogspot.com "Mozilla/5.0 NetWare; U; NetWare 6.50.06; en-US ICEbrowser/6.1.2 NovellViewPort/3.7.2" After target...

Novell Netware ICEbrowser denial of service

Resources exhaustion with Javascript...

Novell Netware ApacheAdmin控制台空口令漏洞

BUGTRAQ ID: 32657 CVECAN ID: CVE-2008-5696 Novell Netware是一款商业性质的网络操作系统。 如果将OES2 Linux服务器安装在已运行NetWare的树结构上，则安装后用户无需输入口令便可以访问ApacheAdmin控制台，这允许远程攻击者通过控制台操作重新配置Apache HTTP服务器。 Novell Netware 6.5 Novell ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://support.novell.com/security-alerts...

CVE-2008-5696

Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations...

Design/Logic Flaw

Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations...

CVE-2008-5696

Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations...

CVE-2008-5696

CVE-2008-5696 affects NetIQ/NetWare 6.5 prior to Support Pack 8; when an OES2 Linux server is added to the NDS tree, the ApacheAdmin console can be accessed without a password, allowing remote attackers to reconfigure the Apache HTTP Server. The issue is specific to the NetWare/OES2 integration. ...